Setup route map for icmp packets

Posted on 2011-05-09
Last Modified: 2012-06-21
I have two dsl lines coming into one router.  I have a default route that goes out g0/1.  I can't ping g0/0 from the outside because when the ping is being sent back out ir uses the default route and it needs to use the route out the g0/0 interface.  I think I can use policy based routing for this but so far haven't got it right.

Can you give me the steps to set a route map that matched icmp traffic and sets the next-hop ip to ne g0/0.  I think this should allow me to ping g0/0 from the outside.
Question by:dmwynne
    LVL 7

    Accepted Solution

    This is a clear and simple example of what you want to do (with some minor modifications of course)
    LVL 14

    Author Comment

    So I setup my access list as follows:

    access-list 130 permit icmp any host x.x.x.x-external ip
    access-list 130 permit ip any any

    Setup route map:

    route-map ICMP permit 130
     match ip address 130
     set ip next-hop x.x.x.x-external ip

    Then is applied the route map to the interface.  I'm not getting any hits on the route map when running a show route-map.
    LVL 7

    Expert Comment

    Yes there is a problem since one packet (echo) enters the router and another (echo-reply) exits the router which means that the packet marked for a route does not exist, you can try it the other but I do not know if it is helpful fro you this way:

    conf t
    ip local policy route-map ICMP
    //activates route-map on traffic sourced from the router

    access-list 140 permit icmp host any
    // is my router interface (source)

    route-map ICMP permit 10
     match ip address 140
     set ip next-hop

    The command debug ip policy is very helpful when troubleshooting route-maps:
    *Mar  1 03:32:20.115: IP: route map ICMP, item 10, permit
    *Mar  1 03:32:20.115: IP: s= (local), d= (FastEthernet0/1), len 100, policy routed
    *Mar  1 03:32:20.115: IP: local to FastEthernet0/1
    *Mar  1 03:32:20.167: IP: s= (local), d=, len 100, policy match


    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
    Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now